- -------------------------------------------------------------------------
Debian Security Advisory DSA-4912-1                   [email protected]
https://www.debian.org/security/                     Salvatore Bonaccorso
May 04, 2021                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : exim4
CVE ID         : CVE-2020-28007 CVE-2020-28008 CVE-2020-28009 CVE-2020-28010
                 CVE-2020-28011 CVE-2020-28012 CVE-2020-28013 CVE-2020-28014
                 CVE-2020-28015 CVE-2020-28017 CVE-2020-28019 CVE-2020-28021
                 CVE-2020-28022 CVE-2020-28023 CVE-2020-28024 CVE-2020-28025

The Qualys Research Labs reported several vulnerabilities in Exim, a
mail transport agent, which could result in local privilege escalation
and remote code execution.

Details can be found in the Qualys advisory at

For the stable distribution (buster), these problems have been fixed in
version 4.92-8+deb10u6.

We recommend that you upgrade your exim4 packages.

For the detailed security status of exim4 please refer to its security
tracker page at:

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]